2025-11-17 –, Westin - Partenkirchen
Forget zero-days - today’s attackers are skipping the code and going straight for your trust. In this talk, we’ll explore how a new wave of cybercriminals, many young, non-technical, and highly creative, are bypassing traditional defenses using native tools, built-in features, and social engineering. From abusing RMM software and Microsoft Teams messages to weaponizing OneNote, these attackers don’t need exploits; they need credibility. We’ll break down real-world tactics, show how these attacks unfold, and discuss why defenders must shift their mindset from patching vulnerabilities to patching human trust.
Intro: The New Face of the Attacker
* Who are Gen Z attackers?
* Why technical skills are no longer a barrier to entry
The Exploit of Trust
* Social engineering as the new zero-day
* The psychology behind user manipulation
Native Tools, Real Damage
* RMM tools, Teams messages, OneNote, ClickUp
* Case studies from real-world incidents
Why Traditional Defenses Fail
* Detection gaps
* The illusion of security through patching
Defending Against Trust-Based Attacks
* Behavioral detection
* User awareness (beyond phishing training)
* Rethinking trust boundaries in the enterprise
Closing Thoughts
* What defenders need to prioritize next
Social Engineering, Phishing
Tom Barnea is a Cybersecurity Specialist at Varonis, where he dives into forensics investigations and leads customer-facing DFIR operations. He also contributes to internal research and the enhancement of methods and tools. Previously, Tom was a Team Leader and Instructor for the Cybersecurity Practitioner Course, where he mentored future cybersecurity analysts and introduced innovative learning methods. Always curious and ready for new challenges, Tom believes in the power of continuous learning and simple solutions. He’s passionate about sharing knowledge and truly believes that our work helps to keep the world a better place.